cancel
Showing results for 
Search instead for 
Did you mean: 

Linux security

Community Veteran
Posts: 7,988
Thanks: 635
Fixes: 8
Registered: 02-08-2007

Linux security

Have been using Linux for a number of months now and am well pleased with it but I do not use any form of security.
I am the only one using the computer and no one else has access to it but I am aware there is a firewall program included with Mint 13 & it's predecessors, should this firewall be set up in some way ?
Does anyone else use any sort of security program with linux apart from keeping it updated. ?
There is stacks of information about security and linux but much of it seems aimed at Business users or those with considerable knowledge of Linux so it's difficult to tell what the average home user needs, if anything .
36 REPLIES
Community Veteran
Posts: 4,949
Thanks: 358
Fixes: 16
Registered: 10-06-2010

Re: Linux security

Well I have flashblock (Firefox extension) installed and disable the Java plugin when I don't need it.
Fedora has SELinux enabled by default to provide an extra layer of security - essentially it can stop programs and system services from doing things they're not expected to. It's supposed to "just work". I don't know if Mint or Ubuntu enable SELinux.
The Linux firewall is comparatively low level, dealing with IP addresses and ports, rather than the "Do you want to allow this program to access the Internet?" kind. You don't need to configure it unless you need to allow incoming connections to certain ports. A bit like opening some ports on a router, but without the "forwarding".
Community Veteran
Posts: 6,610
Thanks: 209
Fixes: 15
Registered: 16-02-2009

Re: Linux security

I have been using Linux exclusively for nearly 6 years, and Mint for about 3 of them, and I have NOT got any firewalls or antivirus installed.
You only really need one if:-
you share the data with a M$ pc - shared folders etc
you run a mail server
You can install ClamAV and the front end for it to scan if you feel like it, or to keep to the word of the bank's instance you need an av program installed.  ClamAV only runs on demand so no over head installing it.
Unless you run the pc 24/7 and have lots of programs running on it (torrents etc) there really isn't any need for a firewall other than the one in your router, that is enabled isn't it?
VileReynard
Seasoned Pro
Posts: 10,649
Thanks: 206
Fixes: 9
Registered: 01-09-2007

Re: Linux security

Remember that your router includes a firewall - and Linux won't be listening, by default, for various internet crud.

Community Veteran
Posts: 4,949
Thanks: 358
Fixes: 16
Registered: 10-06-2010

Re: Linux security

Well your router is probably running Linux.
Community Veteran
Posts: 7,988
Thanks: 635
Fixes: 8
Registered: 02-08-2007

Re: Linux security

Thanks for that !
? Firewall in my router, I am assuming that is enabled by default, hope I am assuming correctly.
To link  the router with my computer a password is needed but I also note there is a button on the router for WPS, have always left this switched off, should this be on ?
Community Veteran
Posts: 6,610
Thanks: 209
Fixes: 15
Registered: 16-02-2009

Re: Linux security

Without knowing what router it is...
VileReynard
Seasoned Pro
Posts: 10,649
Thanks: 206
Fixes: 9
Registered: 01-09-2007

Re: Linux security

WPS is a Windows security hole.
Almost certainly your firewall is switched on by default.
I suggest you play with https://www.grc.com/x/ne.dll?bh0bkyd2 - it's a site which demonstrates some internet security flaws - or lack of them.  Smiley

Community Veteran
Posts: 7,988
Thanks: 635
Fixes: 8
Registered: 02-08-2007

Re: Linux security

Quote from: Hairy
Without knowing what router it is...

Thomson TG582n
Community Veteran
Posts: 7,988
Thanks: 635
Fixes: 8
Registered: 02-08-2007

Re: Linux security

Quote from: Un
WPS is a Windows security hole.
Almost certainly your firewall is switched on by default.
I suggest you play with https://www.grc.com/x/ne.dll?bh0bkyd2 - it's a site which demonstrates some internet security flaws - or lack of them.  Smiley
Thanks for the link, I have used the program before but it was several years ago and could not remember the link.
Heloman
Grafter
Posts: 519
Registered: 30-07-2007

Re: Linux security

GRC also has an excellent newsgroup community which I've followed for years.
https://www.grc.com/discussions.htm
In particular there is a very helpful bunch of guys in the  grc.techtalk.linux group.
It's a private newsgroup, rather than usenet, but well worth joining IMHO
petertuson
Grafter
Posts: 39
Registered: 10-03-2012

Re: Linux security

All my computers run linux, the Debian variety. Both my wife and I have linux netbooks and we have two linux servers.
I don't run any firewall of anti-virus software on the netbooks. At first, I occasionally ran ClamAV but never found anything so gave up. I also ran an intrusion detection system which flagged up all the bits of linux that enables interoperability with windows so I turned them off.
I run iptables on the servers as I forward the HTTP and HTTPS ports from the router. Actually, apache 2 does a very good job of detecting and blocking access - as long as the configuration files are set for your site configuration. I use iptables to block traffic from external sites that are probing my network before it gets to apache.
The trick with linux is to only install what you need and only ever log in as a normal user. Then log into a terminal as the administrator to administer the system.
VileReynard
Seasoned Pro
Posts: 10,649
Thanks: 206
Fixes: 9
Registered: 01-09-2007

Re: Linux security

Or even better, almost never login as administrator (root), but use the sudo feature to administer your system from a user logon...

Waldo
Grafter
Posts: 473
Registered: 01-08-2007

Re: Linux security

Or use sudo to become root

waldo@schabziger ~ $ sudo bash
[sudo] password for waldo:
schabziger ~ # whoami
root
Waldo
Grafter
Posts: 473
Registered: 01-08-2007

Re: Linux security

Quote from: gleneagles
Does anyone else use any sort of security program with linux apart from keeping it updated. ?

I enable ufw (uncomplicated firewall) on laptop / netbook when using public WiFi or a 3G dongle.
It has GTK and Qt front-ends as well as a CLI; you'll find Gufw in the Mint menu.